Signaling System Number 7 (“SS7”) is a common channel signaling system whereby signaling links, separate from the voice path, are used to transfer messages between switches or other nodes to set up voice trunks or access to databases. The SS7 protocol consists of a layered structure with each layer routing specific functions. Levels 1, 2, and 3 make up the Message Transfer Part (“MTP”) that provides functions for the reliable transfer of signaling messages. Level 1, the physical layer, includes the physical and electrical portion of the link and access protocol. Level 2, the data link layer, includes error detection and correction, sequence control, message delimitation using flags and link failure detection functions. Level 3, the network layer, includes message handling and network management functions. All signaling points must have the capability to properly respond to network management controls, such as transfer controlled, transfer prohibited, and the like.
The major components of an SS7 network are referred to as signaling points, including signal switching points (“SSPs”), signal transfer points (“STPs”), and signal control points (“SCPs”). SSPs are switches (e.g., end office or tandems) equipped with SS7-capable software and terminating signaling links. SSPs originate, terminate, or switch calls. STPs are routers that operate in carrier-based SS7 networks. STPs route traffic among various elements in the carrier network that use the SS7 network protocol. SCPs are databases that provide information for advanced call-processing capabilities.
In order to protect SS7 networks, vendors and carriers have implemented SS7-based firewalls that screen SS7 signaling traffic and work in tandem with STPs in order to either allow or deny routing/access to SS7 network elements based on a pre-defined set of rules. These rules include source/destination, user authentication, and other SS7 parameters. If a malicious actor figures out a way to bypass the pre-determined set of rules, then access to SS7 networks and network elements is compromised.